ExorLive Application Developer Policy

14 December 2018 10:15

ExorLive App Developer Policy

Our goal is for ExorLive to be a safe, pleasant and productive working environment. Applications are an important part of making ExorLive useful. We welcome Application developers and are excited to see the amazing experiences you are building within ExorLive. By “Application,” we mean any software application, functionality, website, product or service that you create that uses the ExorLive APIs.

Developers are required to comply with this Policy and our related API terms and other obligations. When we use the term “Services” we are referring to ExorLive’s services and related systems and technology, as well as ExorLive’s websites and all of the information and content made available by or on behalf of ExorLive through any of those services.

Privacy, safety and a high-quality User experience are very important, and this Policy is designed with those goals in mind. We can’t cover every type of Application in this Policy, but we aim to give guidance to developers so that you understand what Applications will be included in ExorLive’s app directory and what Applications will not. To protect Users and our Services, we reserve the right to take any action we deem necessary if an Application violates the letter or spirit of this Policy. By “User” we mean any “Authorized User” as defined in our Customer Terms of Service, including anyone who interacts with the Application directly or indirectly or anyone whose Data is exposed to or used by the Application. By “Data” we mean data, information or content uploaded, posted, transmitted or otherwise made available by ExorLive and Users via the Services, including messages, files, comments, profile information, metadata and token data.

Security: We take the security of Data very seriously, and you must as well. Your network and the operating system and software of your web servers, databases, and computer systems must be properly configured to securely operate your Application and store Data. Data must be stored and served using strong encryption. In addition, Applications and developers are prohibited from:

Degrading or compromising security in any way

Providing access to ExorLive in any fraudulent or unauthorized way, including bypassing or circumventing ExorLive protocols and access controls

Cache content from ExorLive outside of ExorLive

Prevent data from being reported or measured inside ExorLive

Using unpublished APIs

Including misleading and/or deceptive statements about Application functionality, performance, origin or Data use

Transmitting any viruses or other code that may damage, detrimentally interfere with, surreptitiously intercept or expropriate any system or Data

Attempting to reverse engineer or otherwise derive source code, trade secrets, or know-how in the ExorLive API or any portion thereof

User Experience: Every Application must be useful, appropriate, respect User privacy, and provide a generally good User experience. In keeping with this, Applications and developers are prohibited from:

Degrading or compromising performance of the Services

Using vulgar or obscene language or images. Your Application must not contain or offer content that is violent, extreme or that a reasonable person would consider inappropriate for the workplace

Offering sexually-oriented or adult content. Your Application must not contain or offer content that a reasonable person would consider pornographic or indecent

Creating poor User experiences that do not add value to Users in a work setting or that detract from the overall utility of ExorLive and the overall Application ecosystem

Displaying inappropriate communications through your Application. The purpose of the Application and User expectations must be clear and transparent and match ExorLive requirements and expectations

Neglecting appropriate customer assistance. Every Application must include a link to installation instructions and customer support information, including a contact for customer support. You must keep your Application updated and provide timely and accurate User support

Business: In using ExorLive APIs, developers must agree to respect our business as we respect yours. Every Application must behave in accordance with appropriate and accepted business conduct. As part of good business practices, Applications and developers are prohibited from:

Circumventing ExorLive’s intended limitations (including pricing, features and access structures). You may not use the ExorLive API to replicate or compete with core products or services offered by ExorLive

Advertising, including display ads, within the Application experience or ExorLive platform. In addition, Applications may not use Data or content from ExorLive in any advertisements or for purposes of targeting advertisements or contacting Users, including in that Application, your other Applications, or elsewhere

Implying a ExorLive endorsement, certification, affiliation or partnership unless you have explicit permission from ExorLive to do so

Sub-licensing, distributing or allowing access to the ExorLive APIs to anyone else

Design: Good design is an important part of a product development. We want ExorLive developers to create beautiful and thoughtful Applications. Please provide your Users with excellent, well-designed products. As part of good design practices, Applications and developers are prohibited from:

Violating the ExorLive Brand Guidelines

Infringing upon any intellectual property rights in your design. You must include, with your submission, a well-designed, high quality, distinctive icon that doesn't resemble the ExorLive icon

Changing the Application’s look, feel, function, operation or disclosures after ExorLive review. Any changes must be submitted for re-review

Use of Data: Protecting Data is paramount at ExorLive, and must be for you. You are responsible for good Data stewardship practices. First and foremost, you have no independent rights to any Data. In accordance with this, Applications and developers are prohibited from:

Collecting, storing, and using Data without obtaining proper consent of the User

Using Data to contact Users. If you would like to contact Users outside of ExorLive, you must gain permission through a clear and separate permissions process.

Asking Users to provide sensitive, private, and confidential personal information, such as credit card numbers or passwords unless specifically necessary as part of the Application’s legitimate function and purpose

Renting, selling or sharing Data with third parties under any circumstances

Creating Applications that encourage installers to circumvent or interfere with their own workplace and employer data, privacy and security policies

Exploiting Data to create User profiles other than that which is necessary for the Application to function

Ignoring a User’s request for deletion. When a User deletes your Application or if you discontinue your Application you must delete all associated Data within 14 business days

Combining Data with data gathered from other sources for any purposes unrelated to the use of the Application

Requesting and using scopes not required for your Application’s functioning. Use only the appropriate and necessary scopes and clearly define the need for scopes within your Application’s description

Failing to notify Users about privacy and their Data. Your Application must include a publicly-available and easily accessible privacy policy that explains how the Application collects, uses, processes and stores Data, and what control Users have over their Data

Accessing Data for surveillance purposes. You may not allow or assist any entity to conduct surveillance or obtain Data using your access to the ExorLive API

Otherwise exploiting Data in a way not approved by ExorLive and not disclosed to and permitted by Users. You may, however, use Data that is both aggregated and anonymized for purposes of analytics and development related to the Application

Law and Safety: Applications should not create unsafe environments or hardships for Users. Each Application must comply with all applicable laws and legal requirements in all locations where it is made available to Users. In addition, Applications and developers are prohibited from:

Permitting used by children alone under the age of 13

Spamming, harassing, stalking, intimidating or threatening Users

Allowing impersonation of Users or otherwise allowing for false representations within the Application

Notify us immediately if you change the function of, or discontinue your Application

Data breach: If Data is breached, exposed, exploited, or otherwise compromised through your Application or company, you must inform all affected Users and ExorLive immediately. You can reach ExorLive at dpo@exorlive.com.

Violations of this policy may result in removal from the Application Directory, token revocation, developer suspension, User notification, legal action or any other action deemed necessary by ExorLive. If requested, you must provide us with proof of compliance with this policy. If you violate this policy we may or may not provide notice before taking action. Please note that we may periodically audit Applications. If you fail an audit before notifying us of any issues, penalties will be more severe.

This policy will change as the ExorLive Application Directory grows and evolves. Please check back regularly for updates. We may use your email address or a notice through the Services to communicate any material changes to this policy.

If you have any questions about the ExorLive Application Directory or the review process, we'll be happy to help. Send us a note to: support@exorlive.com